CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,144 vulnerabilities with CWE-79
CVE-2025-7109
LOW
Portabilis i-Educar 2.9.0 - Cross-Site Scripting via Student Benefits Registration
CVSS 3.5
CVE-2025-53484
CRITICAL
Mediawiki - SecurePoll <1.39.13-1.42.7-1.43.2 - XSS
CVSS 9.8
CVE-2025-53482
MEDIUM
Mediawiki - IPInfo Extension <1.39.13-1.43.2 - XSS
CVSS 6.1
CVE-2025-7066
MEDIUM
jirafeau < 4.6.3 - Cross-Site Scripting via MIME Type Bypass
CVSS 6.1
CVE-2025-6740
MEDIUM
Contact Form 7 Database Addon < 1.3.1 - Unauthenticated Stored Cross-Site Scripting via tmpD Parameter
CVSS 6.1
CVE-2025-52798
HIGH
eyecix JobSearch < 3.0.6 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-52796
HIGH
WP-Recall < 16.26.14 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-52776
HIGH
Video List Manager <= 1.7 - Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-49866
HIGH
Nikel Beautiful Cookie Consent Banner <4.6.1 - XSS
CVSS 7.1
CVE-2025-49274
HIGH
Neom Blog <= 0.0.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-49247
HIGH
Team Showcase < 25.05.13 - DOM-Based Cross-Site Scripting
CVSS 7.1
CVE-2025-49245
HIGH
cmoreira Testimonials Showcase <1.9.16 - XSS
CVSS 7.1
CVE-2025-48231
MEDIUM
Booking Calendar Contact Form <1.2.58 - XSS
CVSS 6.5
CVE-2025-39487
HIGH
ValvePress Rankie <= 1.8.2 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-32311
HIGH
QuanticaLabs Pressroom - News Magazine <6.9 - XSS
CVSS 7.1
CVE-2025-31037
HIGH
Homey <= 2.4.5 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-28978
HIGH
Hung Trang Si SB Breadcrumbs <1.0 - XSS
CVSS 7.1
CVE-2025-28976
MEDIUM
dsrodzin Email Address Security <3.3.6 - XSS
CVSS 6.5
CVE-2025-28968
HIGH
WP Wall <= 1.7.3 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-24771
HIGH
OTWthemes Content Manager Light <3.2 - XSS
CVSS 7.1
CVE-2025-53566
MEDIUM
osama.esh WP Visitor Statistics <7.8 - XSS
CVSS 6.5
CVE-2025-30983
MEDIUM
gopiplus Card flip image slideshow <1.5 - XSS
CVSS 6.5
CVE-2025-30943
MEDIUM
Aakif Kadiwala Posts Slider Shortcode <1.0 - XSS
CVSS 6.5
CVE-2025-28971
MEDIUM
CWD Web Designer Easy Elements Hider - XSS
CVSS 5.9
CVE-2025-28957
MEDIUM
OwnerRez API <= 1.2.1 - Stored Cross-Site Scripting
CVSS 6.5
Details
Vulnerabilities
45,144
Exploit Likelihood
High